Hey guys-

Thanks for all the suggestions, but I just wanted to clarify: the example
about the 6.2 box was just an example for other people. I didn't mean to
imply that I didn't know why that box got hacked, just wanted to show to
anyone who was curious what can happen when you don't A) Set up some kind of
port security and B) Keep your software up to date. As soon as I heard what
that machine was running I knew exactly how it got busted ;-).

Anyway, thanks again for the tips; don't want to sound ungrateful, but I
also don't want anyone thinking I'm totally clueless. Just mostly clueless.
I think! *GRIN*

Again, and no I don't work for these guys, but I'll bring it up again (for
the last time...PROMISE!) Bastille-linux=good. They do the above, plus a
host of other goodies like:
A) Disabling SUID for lots of stuff that doesn't need it
B) Disabling lots of stuff you don't need
C) Disabling compiler for everyone but root
D) Hacking limits file to keep any user from pummeling system
All this stuff is optional, and the new x-install screen really walks you
through everything nicely and explains exactly what it's doing. 'Course, if
you already know what you're doing and just like the idea of having it all
done for you at once you can tell it not to explain everything and just
"fill in the blanks".

OK, ok, enough raving. Got to go back to my REAL job.

Brian Sweeney
"The life expectancy of an unpatched, default installation of Red Hat 6.2
server is three days. The last time we attempted to confirm this, the system
was compromised in eight hours."
-The Honeynet Project
techtalk mailing list